Automatically parses and normalizes logs

Threat intelligence and support for STIX/TAXII

Includes threat intelligence from IBM X-Force and enables customers to integrate additional threat intelligence feeds of their choice via STIX/TAXII.

Integrates out-of-the-box with 450 solutions

Fosters an ecosystem by providing over 450 out-of-the-box integrations, APIs and an SDK to help customers ingest data faster, gain deeper insights and extend the value of existing solutions.

Flexible architecture can be deployed on-prem or on cloud

Offers multiple deployment options to meet a variety of needs. The solution can be delivered as hardware, software or virtual machines for on-premises or IaaS environments. Start with an all-in-one solution or scale up to a highly distributed model across multiple network segments and geographies.

Highly scalable, self-tuning and self-managing database

Enables customers to focus on security operations instead of system management and helps reduce the total cost of ownership. A self-tuning and self-managing database can scale to support the largest organizations without requiring dedicated database admins.


How customers use it

Complete visibility for traditional and cloud environments

Problem

Lack of insight across multiple security environments.

Solution

Gain centralized insight into logs, flows, and events across on-premises, SaaS, and IaaS environments.

Eliminate manual tasks to empower analysts

Problem

Manual tracking processes take up valuable analyst time and pull analysts away from doing other work.

Solution

Centrally see all events related to a particular threat in one place, eliminating manual tasks so analysts can focus on investigation and response.